How to disable two rules using the free ruleset?

Community support forums for the free/delayed modsecurity rules feed. There is no such thing as a bad question here as long as it pertains to using the delayed modsecurity rules feed. Newbies feel free to get help getting started or asking questions that may be obvious.
Sempiterna
Forum Regular
Forum Regular
Posts: 153
Joined: Tue Jun 24, 2008 12:05 pm

How to disable two rules using the free ruleset?

Unread post by Sempiterna »

I installed a script (piwik analytics) on my other server that does not have ASL installed but it does have the free gotroot delayed ruleset. I spent the last 2 hours trying to disable two rules for just one location on a single domain and it just will not work. The only thing that did work was simply disabling the two rules for the whole server by adding the following code to 999_asl_user_exclude.conf:

<LocationMatch .*>
<IfModule mod_security2.c>
SecRuleRemoveById 340162
SecRuleRemoveById 340163
</IfModule>
</LocationMatch>

Replacing .* with the complete url (with and without http), with the linux filesystem path, adding the code to the httpd.conf, etc etc... it just does not work. As these are two quite dangerous rules (remote file injection) to disable globally, i would prefer to only disable them for just this one location. The server has virtualmin/webmin installed, so i have complete freedom over all config files.

Note, i wish i could use ASL on there as well like on my other server, but i only have 2 VPS-es, so buying the minimum amount of 5 licenses is a bit steep for the free services i offer.
breun
Long Time Forum Regular
Long Time Forum Regular
Posts: 2813
Joined: Sat Aug 20, 2005 9:30 am
Location: The Netherlands

Re: How to disable two rules using the free ruleset?

Unread post by breun »

Put that section in the domain's vhost and it should only apply to that vhost.

You cannot specify full URL's or file system paths in a Location or LocationMatch statement. Only the URL path is matched by Location/LocationMatch (for http://www.example.com/dir/file.php this is /dir/file.php), if you want to match on file system path you'll need to use a Directory/DirectoryMatch statement.

See the Apache documentation for more details on those configuration statements.
Lemonbit Internet Dedicated Server Management
Post Reply